Abstract

A cloud storage system, consisting of a collection of storage servers, provides long-term storage 
services over the Internet. Storing data in a third party's cloud system causes serious concern 
over data confidentiality. General encryption schemes protect data confidentiality, but also limit
the functionality of the storage system because only a few operations are supported over encrypted
data. Constructing a secure storage system that supports multiple functions is challenging when
the storage system is distributed and has no central authority. We propose a threshold proxy
re-encryption scheme and integrate it with a decentralized erasure code such that a secure
distributed storage system is formulated. The distributed storage system not only supports secure 
and robust data storage and retrieval, but also lets a user forward his data in the storage servers to 
another user without retrieving the data back. The main technical contribution is that the proxy 
re-encryption scheme supports encoding operations over encrypted messages as well as 
forwarding operations over encoded and encrypted messages. Our method fully integrates 
encrypting, encoding, and forwarding. We analyze and suggest suitable parameters for the 
number of copies of a message dispatched to storage servers and the number of storage servers 
queried by a key server. These parameters allow more flexible adjustment between the number 
of storage servers and robustness. 
ARCHITECTURE:




SCOPE OF THE PROJECT: 

Designing a cloud storage system for robustness, confidentiality and functionality. The proxy
re-encryption scheme supports encoding operations over encrypted messages as well as forwarding
operations over encoded and encrypted messages. One way to provide data robustness is to replicate a
message such that each storage server stores a copy of the message. This is very robust because the
message can be retrieved as long as one storage server survives.

With an erasure code, as long as the number of failed servers is under its tolerance threshold, the
message can be recovered from the codeword symbols stored in the available storage servers by
the decoding process. This provides a tradeoff between the storage size and the tolerance
threshold of failed servers.

A decentralized erasure code is an erasure code that independently computes each codeword 
symbol for a message. A decentralized erasure code is suitable for use in a distributed storage 
system. 

A storage server failure is modeled as an erasure error of the stored codeword symbol. 
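A random linear code over a small prime field is one way to realise the decentralized erasure code described above, with each server choosing its coefficients on its own and failed servers treated as erasures. This is an added example, not code from the paper; the field size, seed, message symbols and function names are assumptions chosen for illustration.

```python
import random

P = 257  # constructed small prime field; message symbols are integers in [0, P)

def encode_symbol(message, rng):
    # One storage server: pick coefficients independently, store their combination.
    coeffs = [rng.randrange(P) for _ in message]
    return coeffs, sum(c * m for c, m in zip(coeffs, message)) % P

def decode(stored, k):
    # Gauss-Jordan elimination mod P over the surviving (coeffs, symbol) pairs.
    rows = [list(c) + [s] for c, s in stored]
    for col in range(k):
        piv = next((r for r in range(col, len(rows)) if rows[r][col]), None)
        if piv is None:
            return None  # surviving symbols do not determine the message
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, P)
        rows[col] = [x * inv % P for x in rows[col]]
        for r in range(len(rows)):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(x - f * y) % P for x, y in zip(rows[r], rows[col])]
    return [rows[i][k] for i in range(k)]

def demo(seed=7):
    rng = random.Random(seed)
    message = [104, 105, 33]                                   # k = 3 constructed symbols
    servers = [encode_symbol(message, rng) for _ in range(8)]  # n = 8 storage servers
    survivors = servers[3:]                                    # servers 0-2 failed
    # Five survivors are enough to decode; two are below the threshold.
    return message, decode(survivors, 3), decode(servers[:2], 3)
```

Each stored symbol is the same size as one message symbol, so the n servers together hold n/k times the message instead of the n full copies that replication needs.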

We construct a secure cloud storage system that supports the function of secure data 
forwarding by using a threshold proxy re-encryption scheme. The encryption scheme supports 
decentralized erasure codes over encrypted messages and forwarding operations over encrypted 
and encoded messages. Our system is highly distributed where storage servers independently 
encode and forward messages and key servers independently perform partial decryption. 
EXISTING SYSTEM:

The existing system uses a straightforward integration method. Storing data in a third party's
cloud system causes serious concern over data confidentiality. In order to provide strong
confidentiality for messages in storage servers, a user can encrypt messages by a cryptographic
method before applying an erasure code method to encode and store messages. When he wants to
use a message, he needs to retrieve the codeword symbols from storage servers, decode them, and
then decrypt them by using cryptographic keys.

General encryption schemes protect data confidentiality, but also limit the functionality
of the storage system because only a few operations are supported over encrypted data.

A decentralized architecture for storage systems offers good scalability, because a storage 
server can join or leave without control of a central authority. 



DISADVANTAGES OF EXISTING SYSTEM:

• The user has to perform more computation, and communication traffic between the user and
storage servers is high.

• The user has to manage his cryptographic keys; otherwise the security is broken.

• Besides data storing and retrieving, it is hard for storage servers to directly support other functions.



PROPOSED SYSTEM: 

In our proposed system we address the problem of forwarding data to another user by 
storage servers directly under the command of the data owner. We consider the system model 
that consists of distributed storage servers and key servers. Since storing cryptographic keys in a 
single device is risky, a user distributes his cryptographic key to key servers that shall perform 
cryptographic functions on behalf of the user. These key servers are highly protected by security 
mechanisms. 

The distributed systems require independent servers to perform all operations. We propose a new 
threshold proxy re-encryption scheme and integrate it with a secure decentralized code to form a 
secure distributed storage system. The encryption scheme supports encoding operations over 
encrypted messages and forwarding operations over encrypted and encoded messages. 
ADVANTAGES OF PROPOSED SYSTEM:

• Tight integration of encoding, encryption, and forwarding makes the storage system efficiently
meet the requirements of data robustness, data confidentiality, and data forwarding.

• The storage servers independently perform the encoding and re-encryption processes and the key
servers independently perform the partial decryption process.

• More flexible adjustment between the number of storage servers and robustness.



METHODOLOGY USED: 

PROXY RE-ENCRYPTION SCHEME WITH MULTIPLICATIVE HOMOMORPHIC PROPERTY:

In a proxy re-encryption scheme, the messages are first encrypted by the owner and
then stored in a storage server. When a user wants to share his messages, he sends a
re-encryption key to the storage server. The storage server re-encrypts the encrypted messages for
the authorized user. Thus, such a system has data confidentiality and supports the data forwarding
function.

An encryption scheme is multiplicative homomorphic if it supports a group
operation on encrypted plaintexts without decryption. The multiplicative homomorphic
encryption scheme supports the encoding process over encrypted messages. We then convert a
proxy re-encryption scheme with multiplicative homomorphic property into a threshold version.
A secret key is shared among key servers with a threshold value t. To decrypt for a set of k message
symbols, each key server independently queries 2 storage servers and partially decrypts two
encrypted codeword symbols. As long as t key servers are available, k codeword symbols are
obtained from the partially decrypted ciphertexts.

In order to preserve privacy, clients encrypt their data when they outsource it to the cloud.
However, the encrypted form of data greatly impedes its utilization due to its randomness. Many
efforts have been made to enable data usage without undermining data privacy. Homomorphism:
Given two ciphertexts c1 and c2 on plaintexts m1 and m2 respectively, one can obtain the
ciphertext on the plaintext m1 + m2 and/or m1 - m2 by evaluating c1 and c2 without decrypting
the ciphertexts. Proxy re-encryption: Given a proxy re-encryption key, the proxy can transform a
ciphertext of one user to a ciphertext of the target user. Threshold decryption: By dividing the
private key into several pieces of secret shares, all clients can work together to decrypt the
ciphertext - the output of the function.

A Monthly Double-Blind Peer Reviewed Refereed Open Access International e-Journal - Included in the International Serial Directories
Indexed & Listed at: Ulrich's Periodicals Directory ©, U.S.A., as well as in Cabell's Directories of Publishing Opportunities, U.S.A.

International Journal of Management, IT and Engineering
http://www.ijmra.us

ISSN: 2249-0558
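The multiplicative homomorphism, proxy re-encryption and threshold decryption described in the methodology paragraphs above can be seen working together in a small ElGamal-style construction. This is an added example, not the scheme proposed in the paper: it uses the classic exponent-ratio re-encryption key and Shamir sharing of the inverse secret key as stand-ins, and the toy group, messages and function names are constructed for illustration.

```python
import secrets

P, Q, G = 2039, 1019, 4  # constructed toy group (insecure size): P = 2Q + 1, G has order Q

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P) % P, pow(pk, r, P))   # (m*g^r, g^(a*r))

def ct_mul(x, y):
    # Multiplicative homomorphism: the componentwise product encrypts m1*m2.
    return (x[0] * y[0] % P, x[1] * y[1] % P)

def rekey(sk_a, sk_b):
    return sk_b * pow(sk_a, -1, Q) % Q             # b/a mod Q, handed to the proxy

def reencrypt(rk, ct):
    return (ct[0], pow(ct[1], rk, P))              # g^(a*r) becomes g^(b*r)

def share_key(sk, t, n):
    # Shamir-share 1/sk so partial decryptions combine linearly in the exponent.
    coeffs = [pow(sk, -1, Q)] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def partial_decrypt(share, ct):
    return pow(ct[1], share, P)                    # one key server's contribution

def combine(ct, partials):
    # partials maps key-server index -> partial; Lagrange interpolation at 0.
    g_r = 1
    for i, d in partials.items():
        lam = 1
        for j in partials:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        g_r = g_r * pow(d, lam, P) % P
    return ct[0] * pow(g_r, -1, P) % P

def demo():
    (a, pk_a), (b, _) = keygen(), keygen()
    stored = ct_mul(encrypt(pk_a, 12), encrypt(pk_a, 5))   # combined while encrypted
    forwarded = reencrypt(rekey(a, b), stored)             # proxy never sees 12*5
    shares = share_key(b, t=3, n=5)
    partials = {i: partial_decrypt(shares[i], forwarded) for i in (1, 3, 5)}
    return combine(forwarded, partials)                    # any 3 of the 5 key servers
```

No single key server holds the recipient's key, and the storage server holding only the re-encryption key can convert ciphertexts but not read them.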
MODULES:

• Construction of Cloud Data Storage Module 

• Data Encryption Module 

• Data Forwarding Module 

• Data Retrieval Module 



MODULES DESCRIPTION: 
Construction of Cloud Data Storage Module 

In the Admin Module, the admin logs in with his username and password. The server setup
method can then be opened. In the server setup process, the admin first sets the remote server's
IP address so that the IP address can be sent to the receiver. The server can then skip the process
to activate or deactivate the process. When the process is activated, the storage server displays
the IP address. When the process is deactivated, the storage server does not display the IP
address. These details can be viewed by clicking the key server. The activated IP addresses are
stored in the available storage server. By clicking the available storage server button, we can
view the currently available IP addresses.

Data Encryption Module

In the cloud login module, the user logs in with his own details. If the user does not have an
account for the cloud system, he first registers his details in order to use and enter the cloud
system. The registration details are username, e-mail, password, confirm password, date of birth,
gender and location. After registration, the details are stored in the database of the cloud
system. The user then logs in with his correct username and password, and a code is sent to
his/her e-mail. The user then opens his account and views the code generated by the cloud system.

In the Upload Module, a new folder can be created for storing files. In the folder creation
process, the cloud system asks the user one question. The user should answer the question and
must remember the answer for later use. The user then enters the folder name to create the
folder. In the file upload process, the user chooses one file by browsing the system and selects
the upload option. The server in the cloud then returns the encrypted form of the uploaded file.

Data Forwarding Module

In the forward module, we can first see the storage details for the uploaded files. Clicking the
storage details option shows the file name, question, answer, folder name, forward value
(true or false) and forward e-mail. If the forward column shows true, the user cannot forward the
file to another person. If the forward column shows false, the user can forward the file to
another person. The file forward process takes the selected file name, the e-mail address of the
forwarder and the code entered for the forwarder. The other user can then check his account and
view the code forwarded from the previous user. The current user then logs in to the cloud system
and checks the receive details. If the forwarded file is present in the receive details, the user
goes to the download process.

Data Retrieval Module

The Download module contains the following details: username and file name. First, the
server process is run, which means the server is connected with its particular client.
Now, to download the file, the client has to download the file key. In the file key downloading
process, the fields are username, filename, question, answer and the code. On clicking the
download option, the client can view the encrypted key. Using that key, the client can then view
the file and use it appropriately.